Yet another zero-day exploit targets IE
Microsoft Security Advisory 2757760, dated Sept. 17, warns of a newly disclosed IE vulnerability that could allow remote-code execution — which means an attacker could take over a targeted PC with the same rights as the current user. (This type of threat is why we recommend setting up a non-admin account on the PC you use most of the time.)According to the advisory, Internet Explorer 10 (included with Windows 8) is not threatened. But that caveat is irrelevant because few Windows users are running Win8 for any purpose other than testing the new OS.
What to do: Here, in a nutshell, are your options:1) Use another browser. Until Microsoft releases a patch for this new threat, simply do all your Web browsing with Firefox or Chrome — and make sure they’re fully updated.
2) Remove Java. If you must use IE, ensure that Java is fully disabled or not installed. I discussed this in my Sept. 6 Patch Watch column.
3) Use the Enhanced Mitigation Experience Toolkit. If you can’t operate without IE and Java, Microsoft’s EMET software can help. A RationallyPARANOID blog has a helpful how-to guide for installing EMET. Brian Krebs also has an excellent post on using the toolkit to protect IE.
Look for more on EMET — what it is and how it protects you — in next week’s regularly scheduled Patch Watch. And if Microsoft releases an out-of-cycle IE update before then, I’ll let you know. In the meantime, keep an eye out for a soon-to-be-released Microsoft fixit for Internet Explorer; it should provide protection until a patch is ready. I’ll post an update in the Lounge when it’s released.
Susan Bradley is a Small Business Server and Security MVP, a title awarded by Microsoft to independent experts who do not work for the company. She's also a partner in a California CPA firm.
No comments:
Post a Comment